Home Malware Programs Rogue Anti-Virus Programs Antivirus Defence

Antivirus Defence

Posted: August 30, 2013

Threat Metric

Ranking: 8,286
Threat Level: 1/10
Infected PCs: 815
First Seen: August 30, 2013
Last Seen: September 16, 2023
OS(es) Affected: Windows

Antivirus Defence is a new member of Winwebsec, the long-lived family of anti-malware and anti-virus programs that display fraudulent security information, block various Windows programs and disable some baseline security features without your permission. Antivirus Defence's attacks, which display alerts and scan results for various PC threats that aren't on the affected computers, are intended to make you want to purchase its software to disinfect your PC. However, Antivirus Defence lacks any real disinfection functionality, and SpywareRemove.com malware researchers encourage removing Antivirus Defence with real anti-malware programs since Antivirus Defence is a danger to your computer until Antivirus Defence is uninstalled.

The Extra Problems that Come with an Antivirus Scanner that Detects Imaginary Viruses

As a piece of scamware derived from the WinWeb Security family, Antivirus Defence is designed for attacking your computer and misleading you with fake security information, including fraudulent anti-malware scans and various forms of inaccurate pop-up alerts. Although most of Antivirus Defence's aesthetics are given over to maintaining its masquerade as an anti-virus product, Antivirus Defence also includes other functions that are less obvious but more harmful than its fake threat alerts, such as:

  • Deleting essential components of the Windows Defender security program.
  • Blocking the memory processes of numerous other applications while also generating fake alerts that claim that these applications have been infected, Exceptions are maintained for any programs that are essential for allowing Windows to run.
  • Restricting your use of the Windows Task Manager, the Registry Editor and various popular Web browsers (Internet Explorer, Chrome, Opera, Firefox, etc).

SpywareRemove.com malware analysts especially recommend trying to identify pop-up warnings that are related to Antivirus Defence infections so that they can be ignored as false alarms. Unusually, at least one known variant of Antivirus Defence has been found using a real threat database 'borrowed' from a third party, but even this variant of Antivirus Defence has not shown any tendencies towards being able to remove malware.

The Proper Defensive Maneuvers Against a Modern Day Antivirus Scam

Although some variants of Antivirus Defence are more dangerous than others and not all variants will include the entirety of the attack feature set noted above, SpywareRemove.com malware experts strongly recommend treating all versions of Antivirus Defence as harmful to your computer. Since Antivirus Defence usually will interfere with the anti-malware applications that could remove Antivirus Defence, you should attempt to prevent Antivirus Defence from launching through using security features like Safe Mode or the Command Prompt. Deleting Antivirus Defence once Antivirus Defence is disabled should be as simple as running a scan by any real anti-malware product.

Antivirus Defence's family has a long history of switching to new names to avoid recognition on the part of its victims. SpywareRemove.com malware researchers can provide many examples of Antivirus Defence's ancestors and close relatives, such as Antivirus Security, System Security, AntiSpyware Pro 2009, Total Security, Total Security 2009, Security Tool, Trojan.RogueAV.a.gen, System Adware Scanner 2010, FakeAlert-KW.e, Advanced Security Tool 2010, System Tool 2011, MS Removal Tool, Antivirus Center, Security Shield, Personal Shield Pro, Advanced PC Shield 2012, Security Sphere 2012 and Futurro Antivirus.

Technical Details

Additional Information

The following messages's were detected:
# Message
1Antivirus Defence Firewall Alert
Antivirus Defence Firewall has blocked a program from accessing the Internet.
Internet Explorer Internet Browser is infected with worm SVCHOST.Stealth.Keyloger. This worm is trying to send your credit card details using Internet Explorer Internet Browser to connect to remote host.
2Antivirus Defence Warning
Intercepting programs that may compromise your privacy and harm your system have been detected on your PC.
Click here to remove them immediately with Antivirus Defence.
3Antivirus Defence Warning
Some critical system files of your computer were modified by malicious program. It may cause system instability and data loss.
Click here to block unauthorised modification by removing threats (Recommended)
4Antivirus Defence Warning
Your PC is still infected with dangerous viruses. Activate antivirus protection to prevent data loss and avoid the theft of your credit card details.
5Spyware.IEMonster activity detected. This is spyware that attempts to steal passwords from Internet Explorer, Mozilla FireFox, Outlook and other programs. Click here to remove it immediately with Antivirus Defence.
6Warning!
Application cannot be executed. The file cmd.exe infected.
Please activate Antivirus Defence.

Related Posts

Loading...